3 matches found
CVE-2019-14518
Evolution CMS 2.0.x is affected by CVE-2019-14518, which permits cross-site scripting via the description text and a template’s new category location. The issue affects Evolution CMS versions 2.0.x and stems from how template content can be manipulated to execute XSS. Vendor notes indicate the be...
CVE-2018-16637
Evolution CMS 1.4.x is affected by a stored cross-site scripting (XSS) vulnerability that can be triggered via the page weblink title parameter to the manager/ URI. The issue is documented as XSS (including advisories noting versions prior to 1.4.6 are affected). Remediation per the linked adviso...
CVE-2018-16638
Evolution CMS 1.4.x is affected by a Cross‑Site Scripting (XSS) vulnerability in the manager/ search parameter. The CVE-2018-16638 entry documents an XSS flaw that can be triggered via the manager/ URL parameter, with the affected product specified as Evolution CMS 1.4.x. The provided connected d...